Improving Intrusion Detection Systems Using Artificial Neural Networks
Fecha de publicación
Ediciones Universidad de Salamanca (España)
ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, 7 (2018)
In this paper, some of the methods used in the intrusion detection system were described using the neural network as a tool in intrusion detection system, which became very necessary in computer systems because it provides protection against attacks by hackers that are becoming increasingly destructive to computer systems./nThe Backpropagation Neural Network was chosen from among the neural networks due to its ability, speed and intelligence to recognize packet patterns captured from the network, providing the ability to detect intrusion of the system. The speed of the network in giving the diagnosis is one of the most important reasons for choosing the neural network. Therefore, many Attacks features have been analyzed of the standard packets that allow traffic through the network as well as the unusual packets, especially on these protocols (TCP, UDP)./nThe results of these analyzes have been used to learn the neural network on the structure and pattern of standard and unusual packets. There are many algorithms for learning the neural network, but the researcher used the Standard Backpropagation Algorithm. Therefore, for increasing the intelligence and speed of the network and its ability to classify, the researcher used the Resilient Backpropagation Algorithm, provided by MATLAB programming language which is smarter and more accurate than the first algorithm./nThe output of this system can detect the standards packets from the unusual packets and classify them into five types with the efficiency up to 100% of the defined packets. However, the detection of the unknown attacks is not known, and rating score is zero./nThis paper contains a lot of tables and figures that illustrate the results and analysis of the results. It should be noted that any intrusion detection system must be up-to-date, as there is no effective and successful intrusion detection system without updating its database.